1378 matches found
CVE-2022-30691
Uncontrolled resource consumption in the IntelR Support Android application before version 22.02.28 may allow an authenticated user to potentially enable denial of service via local access...
PT-2022-12126 · Intel · Intel Connect M Android Application
Name of the Vulnerable Software and Affected Versions: IntelR Connect M Android application versions prior to 1.7.4 Description: The issue concerns incorrect default permissions that may allow an authenticated user to potentially enable information disclosure via local access. Recommendations: Fo...
PT-2022-18459 · Intel · Intel(R) Support Android
Name of the Vulnerable Software and Affected Versions: IntelR Support Android application versions prior to 21.07.40 Description: The issue is related to incorrect default permissions in the IntelR Support Android application, which may allow an authenticated user to enable information disclosure...
Intel® Connect M Android App Advisory
Summary: A potential security vulnerability in the Intel® Connect Mobile Connect M Android application may allow information disclosure. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2021-44470 Description: Incorrect default...
Code injection
EllieGrid Android Application version 3.4.1 is vulnerable to Code Injection. The application appears to evaluate user input as code remote...
CVE-2022-30083
EllieGrid Android Application version 3.4.1 is vulnerable to Code Injection. The application appears to evaluate user input as code remote...
PT-2022-20003 · Unknown · Elliegrid Android Application
Name of the Vulnerable Software and Affected Versions: EllieGrid Android Application version 3.4.1 Description: The EllieGrid Android Application is vulnerable to Code Injection. The application evaluates user input as code, allowing for remote exploitation. Recommendations: For EllieGrid Android...
Capsule Technologies Capsule Workspace 缓冲区错误漏洞
Capsule Technologies Capsule Workspace is an Android App by Capsule Technologies, Inc. A security vulnerability exists in Capsule Technologies Capsule Workspace 8.x series versions prior to 8.2.2 that stems from the presence of a memory corruption issue...
CVE-2021-27768
Using the ability to perform a Man-in-the-Middle MITM attack, which indicates a lack of hostname verification, sensitive account information was able to be intercepted. In this specific scenario, the application's network traffic was intercepted using a proxy server set up in 'transparent' mode...
Code injection
Using the ability to perform a Man-in-the-Middle MITM attack, which indicates a lack of hostname verification, sensitive account information was able to be intercepted. In this specific scenario, the application's network traffic was intercepted using a proxy server set up in 'transparent' mode...
CVE-2021-27768
The CVE-2021-27768 entry applies to HCL Verse for Android, where hostname verification and SSL certificate validation during server setup and login are broken. This enables a MITM attack via a proxy in transparent mode and an invalid hostname certificate, potentially exposing sensitive account in...
CVE-2021-39080
Due to weak obfuscation, IBM Cognos Analytics Mobile for Android application prior to version 1.1.14 , an attacker could be able to reverse engineer the codebase to gain knowledge about the programming technique, interface, class definitions, algorithms and functions used. IBM X-Force ID: 215593...
CVE-2022-21153
Improper access control in the IntelR Capital Global Summit Android application may allow an authenticated user to potentially enable information disclosure via local access...
CVE-2022-21157
Improper access control in the IntelR Smart Campus Android application before version 6.1 may allow authenticated user to potentially enable information disclosure via local access...
CVE-2022-21157
Improper access control in the IntelR Smart Campus Android application before version 6.1 may allow authenticated user to potentially enable information disclosure via local access...
CVE-2022-21153
Improper access control in the IntelR Capital Global Summit Android application may allow an authenticated user to potentially enable information disclosure via local access...
PT-2022-14885 · Intel · Intel(R) Capital Global Summit Android Application
Name of the Vulnerable Software and Affected Versions: IntelR Capital Global Summit Android application affected versions not specified Description: The issue is related to improper access control, which may allow an authenticated user to enable information disclosure via local access...
Google Android 安全漏洞
Google Android is a Linux-based open source operating system from Google, Inc. An information disclosure vulnerability exists in Google Android, which originates in LoadedPackage::Load in LoadedArsc.cpp, and due to a lack of boundary checking, an out-of-bounds read may occur. read. An attacker...
CVE-2021-23863
HTML code injection vulnerability in Android Application, Bosch Video Security, version 3.2.3. or earlier, when successfully exploited allows an attacker to inject random HTML code into a component loaded by WebView, thus allowing the Application to display web resources controlled by the attacke...
CVE-2021-23863
HTML code injection vulnerability in Android Application, Bosch Video Security, version 3.2.3. or earlier, when successfully exploited allows an attacker to inject random HTML code into a component loaded by WebView, thus allowing the Application to display web resources controlled by the attacke...